There has been a race to figure out who is behind the hack on Solana, in which unknown bad actors have stolen several million dollars’ worth of crypto. Wallets are still being drained, but at a slower rate.
Solana’s security team has spent time and resources on the investigation, and it looks like the culprit has been found.
Though the attack targeted Solana users, it appears that Solana is not at fault; rather, the blame reportedly lies with Slope.
So far, Solana has confirmed that the issue only affects Slope’s hot wallets, as no hardware wallets have been targeted.
Solana developers recommend that all Slope users generate a new seed phrase, regardless of the type of wallet they were using.
“Create a new and unique seed phrase wallet, and transfer all assets to this new wallet. Again, we do not recommend using the same seed phrase on this new wallet that you had on Slope. If you are using a hardware wallet, your keys have not been compromised.”
“We are still actively diagnosing and are committed to publishing a full post-mortem, earning back your trust, and making this as right as we can,” they further stated.
It was initially assumed during the investigation that the issue was more widespread, since Phantom wallets were also drained. However, it became obvious that the owners of the exploited Phantom wallets were not exclusively Phantom users.
“If you’ve used Slope at all, consider those wallets burned. Nothing yet to indicate Phantom itself has had an issue, though it’s interesting that there haven’t been reports of users on Solflare who used their seed on Slope as well, while there’ve been many with Phantom.”
The drained Phantom wallets had also used Slope, as confirmed by Austin Federa, the head of communications at Solana. This statement was confirmed by Phantom developers, who recommended that Phantom users who created their wallets with Slope send their funds to a non-Slope wallet.
Reports are also coming in that the breach of the Solana network occurred due to Slope logging seed phrases on its servers.
This cybersecurity malpractice appears to have led to about 9000 wallets being drained of multiple cryptocurrencies, with the largest amounts being SOL and USDC.
The investigation continues.